I added three DCs to a single DC Samba4 AD domain. They initially replicated and came up - but replication does not appear to be ongoing. A change made to a user via MMC connected to one DC does not appear on another DC. It the logs I see bursts of the following message: [2014/08/12 15:08:08.026270, 0] ../source4/librpc/rpc/dcerpc_util.c:660(dcerpc_pipe_auth_recv) Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for e3514235-4b06-11d1-ab04-00c04fc2dcd2 at ncacn_ip_tcp:3a74ac28-1613-471f-ac3d-1b8932eeb167._msdcs.example.com[1024,seal,krb5] NT_STATUS_INVALID_PARAMETER Could these be the cause to the lack of replication? I've search about and cannot ping down a meaning for this message. -- Adam Tauno Williams <mailto:awilliam at whitemice.org> GPG D95ED383 Systems Administrator, Python Developer, LPI / NCLA
Adam Tauno Williams
2014-Aug-12 20:02 UTC
[Samba] Four DCs, No Replication [and no demotion]
On Tue, 2014-08-12 at 15:08 -0400, Adam Tauno Williams wrote:> I added three DCs to a single DC Samba4 AD domain. > They initially replicated and came up - but replication does not appear > to be ongoing. A change made to a user via MMC connected to one DC does > not appear on another DC. > It the logs I see bursts of the following message: > [2014/08/12 15:08:08.026270, > 0] ../source4/librpc/rpc/dcerpc_util.c:660(dcerpc_pipe_auth_recv) > Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for > e3514235-4b06-11d1-ab04-00c04fc2dcd2 at ncacn_ip_tcp:3a74ac28-1613-471f-ac3d-1b8932eeb167._msdcs.example.com[1024,seal,krb5] NT_STATUS_INVALID_PARAMETER > Could these be the cause to the lack of replication? I've search about > and cannot ping down a meaning for this message.So I have tried to demote one of the new DCs, as it is not actually working. Only I cannot demote - [root at larkin26 ~]# samba-tool domain demote -Uadministrator Using LARKIN27.micore.us as partner server for the demotion Password for [BACKBONE\administrator]: Desactivating inbound replication Asking partner server LARKIN27.micore.us to synchronize from us Error while demoting, re-enabling inbound replication ERROR(<class 'samba.drs_utils.drsException'>): Error while sending a DsReplicaSync for partion CN=Schema,CN=Configuration,DC=micore,DC=us - drsException: DsReplicaSync failed (87, 'WERR_INVALID_PARAM') File "/usr/lib64/python2.6/site-packages/samba/netcmd/domain.py", line 647, in run sendDsReplicaSync(drsuapiBind, drsuapi_handle, ntds_guid, str(part), drsuapi.DRSUAPI_DRS_WRIT_REP) File "/usr/lib64/python2.6/site-packages/samba/drs_utils.py", line 83, in sendDsReplicaSync raise drsException("DsReplicaSync failed %s" % estr) -- Adam Tauno Williams <mailto:awilliam at whitemice.org> GPG D95ED383 Systems Administrator, Python Developer, LPI / NCLA
On Tue, 2014-08-12 at 15:08 -0400, Adam Tauno Williams wrote:> Could these be the cause to the lack of replication?Don't know, but there are various non documented things you need to do to get replication working. Some of them: http://linuxcostablanca.blogspot.com.es/2014/06/samba4-dc-replication-on-ubuntu.html